| ESXI-06-000002 - The system must verify the DCUI.Access list. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-06-000014 - The SSH daemon must not permit root logins. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000026 - The SSH daemon must set a timeout count on idle sessions. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000027 - The SSH daemon must set a timeout interval on idle sessions. | DISA STIG VMware vSphere 6.x ESXi OS v1r5 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-06-000075 - The connectivity between VSAN Health Check and public Hardware Compatibility List must be disabled or restricted by use of an external proxy server. | DISA STIG VMware vSphere 6.x ESXi v1r5 | VMware | CONFIGURATION MANAGEMENT |
| GEN000452 - The system must display the date and time of the last successful account login upon login. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN000900 - The root user's home directory must not be the root directory (/). | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN001280 - Manual page files must have mode 0644 or less permissive - '/usr/share/man/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001375 - For systems using DNS resolution, at least two name servers must be configured - second name server | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN001540 - All files and directories contained in interactive user home directories must be owned by the home directory's owner. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001560 - All files and directories contained in user home directories must have mode 0750 or less permissive. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN001780 - Global initialization files must contain the 'mesg -n' or 'mesg n' commands - '/etc/csh.logout' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN002715 - System audit tool executables must be owned by root - '/sbin/audispd' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002715 - System audit tool executables must be owned by root - '/sbin/auditd' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002716 - System audit tool executables must be group-owned by bin, sys, or system - '/usr/sbin/auditselect' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/sbin/auditd' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditmerge' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditselect' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002717 - System audit tool executables must have mode 0750 or less permissive - '/usr/sbin/auditstream' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/sbin/auditctl' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/audit' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002718 - System audit tool executables must not have extended ACLs - '/usr/sbin/auditbin' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN002719 - The audit system must alert the SA in the event of an audit processing failure - '/etc/audit/auditd.conf disk_full_action' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN003220 - Cron programs must not set the umask to a value less restrictive than 077 - '/etc/cron.weekly/*' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003500 - Process core dumps must be disabled unless needed. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN003522 - The kernel core dump data directory must have mode 0700 or less permissive. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL |
| GEN003602 - The system must not process Internet Control Message Protocol (ICMP) timestamp requests - 'timestamp-request -j DROP' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL |
| GEN003621 - The system must use a separate file system for /var. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003623 - The system must use a separate file system for the system audit data path. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND COMMUNICATIONS PROTECTION |
| GEN003800 - Xinetd logging/tracing must be enabled - '/etc/xinetd.d/* log_type' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | AUDIT AND ACCOUNTABILITY |
| GEN004660 - The SMTP service must not have the EXPN feature active. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN004680 - The SMTP service must not have the VRFY feature active. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN004700 - The Sendmail service must not have the wizard backdoor active. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN004980 - The FTP daemon must be configured for logging or verbose mode - '/etc/syslog.conf contains daemon.info or *.info' | DISA STIG AIX 6.1 v1r14 | Unix | AUDIT AND ACCOUNTABILITY |
| GEN005524 - The SSH daemon must not permit GSSAPI authentication unless needed. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN005525 - The SSH client must not permit GSSAPI authentication unless needed. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN005525 - The SSH client must not permit GSSAPI authentication unless needed. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | CONFIGURATION MANAGEMENT |
| GEN005526 - The SSH daemon must not permit Kerberos authentication unless needed. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN006570 - The file integrity tool must be configured to verify ACLs. | DISA STIG AIX 6.1 v1r14 | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN006571 - The file integrity tool must be configured to verify extended attributes. | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | SYSTEM AND INFORMATION INTEGRITY |
| GEN008420 - The system must use available memory address randomization techniques. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| GEN008440 - Automated file system mounting tools must not be enabled unless needed. | DISA STIG AIX 6.1 v1r14 | Unix | CONFIGURATION MANAGEMENT |
| KNOX-07-000100 - The Samsung Android 7 with Knox must be configured to enforce a minimum password length of six characters. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000350 - Splunk Enterprise must be configured to enforce password complexity by requiring that at least one lowercase character be used. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| SPLK-CL-000400 - Splunk Enterprise must be configured to enforce a 60-day maximum password lifetime restriction. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS | Unix | IDENTIFICATION AND AUTHENTICATION |
| VCWN-06-000036 - The system must produce audit records containing information to establish what type of events occurred. | DISA STIG VMware vSphere vCenter 6.x v1r4 | VMware | SYSTEM AND INFORMATION INTEGRITY |
| VMCH-06-000002 - The system must explicitly disable drag and drop operations. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000009 - The unexposed feature keyword isolation.tools.ghi.autologon.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000013 - The unexposed feature keyword isolation.tools.memSchedFakeSampleStats.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-06-000016 - The unexposed feature keyword isolation.tools.dispTopoRequest.disable must be set. | DISA STIG VMware vSphere Virtual Machine 6.x v1r1 | VMware | CONFIGURATION MANAGEMENT |
